“We look for malicious domains in the logs of the firewall because you see, the proxy logs, no one can read them. So in the end we can't find anything.”